944 resultados para Medium Access Control (MAC)
Resumo:
[ES] Esta aplicación web realizada en Ruby on Rails, tiene como objetivo principal la gestión del ranking para una asociación de perros de exposición. Dicha asociación es la “Asociación Española para el Fomento de la Raza Bulldog Francés”. En dicha asociación, los perros participan en exposiciones caninas y de acuerdo con una tabla y los resultados, les adjudican puntos a los perros. La tabla de asignación de puntos puede variar cada año. El perro que más puntos obtiene gana el ranking, hay un ganador hembra y otro ganador macho. Por otra parte, los posibles roles de usuarios son: el rol de administrador, los cuales pueden manejar todos los recursos; el rol de socio, que puede crear nuevos perfiles de perros, enviar resultados de sus perros y demás acciones posibles para este rol; el rol de usuarios registrado, que son usuarios que fueron socios y que ya no lo son. Dicho tipo de usuario puede modificar su perfil, pero ya no podría hacer cambios o eliminar sus perros de la aplicación. Y tampoco podría borrar resultados de sus perros que ya hubiesen sido enviados cuando era socio; y el rol de usuario no registrado que sólo pueden ver los listados de perros, ver sus perfiles y demás acciones que sólo sean ver pero no crear, modificar ni borrar nada. Como resultado final a este trabajo de fin de grado se ha obtenido una aplicación con los requisitos necesarios para cubrir las necesidades para la asociación de perros de exposición, en el cual se gestiona el ranking, también se gestionan los perfiles tanto de perros como de usuarios, control de accesos según el rol del usuario, gestión de las exposiciones, etc.
Resumo:
As distributed collaborative applications and architectures are adopting policy based management for tasks such as access control, network security and data privacy, the management and consolidation of a large number of policies is becoming a crucial component of such policy based systems. In large-scale distributed collaborative applications like web services, there is the need of analyzing policy interactions and integrating policies. In this thesis, we propose and implement EXAM-S, a comprehensive environment for policy analysis and management, which can be used to perform a variety of functions such as policy property analyses, policy similarity analysis, policy integration etc. As part of this environment, we have proposed and implemented new techniques for the analysis of policies that rely on a deep study of state of the art techniques. Moreover, we propose an approach for solving heterogeneity problems that usually arise when considering the analysis of policies belonging to different domains. Our work focuses on analysis of access control policies written in the dialect of XACML (Extensible Access Control Markup Language). We consider XACML policies because XACML is a rich language which can represent many policies of interest to real world applications and is gaining widespread adoption in the industry.
Resumo:
The Internet of Things (IoT) is the next industrial revolution: we will interact naturally with real and virtual devices as a key part of our daily life. This technology shift is expected to be greater than the Web and Mobile combined. As extremely different technologies are needed to build connected devices, the Internet of Things field is a junction between electronics, telecommunications and software engineering. Internet of Things application development happens in silos, often using proprietary and closed communication protocols. There is the common belief that only if we can solve the interoperability problem we can have a real Internet of Things. After a deep analysis of the IoT protocols, we identified a set of primitives for IoT applications. We argue that each IoT protocol can be expressed in term of those primitives, thus solving the interoperability problem at the application protocol level. Moreover, the primitives are network and transport independent and make no assumption in that regard. This dissertation presents our implementation of an IoT platform: the Ponte project. Privacy issues follows the rise of the Internet of Things: it is clear that the IoT must ensure resilience to attacks, data authentication, access control and client privacy. We argue that it is not possible to solve the privacy issue without solving the interoperability problem: enforcing privacy rules implies the need to limit and filter the data delivery process. However, filtering data require knowledge of how the format and the semantics of the data: after an analysis of the possible data formats and representations for the IoT, we identify JSON-LD and the Semantic Web as the best solution for IoT applications. Then, this dissertation present our approach to increase the throughput of filtering semantic data by a factor of ten.
Resumo:
L'obiettivo della tesi è la creazione di un'infrastruttura di tipo RBAC (Role Based Access Control), adibita al controllo degli accessi all'interno del linguaggio di coordinazione TuCSoN. Il punto di partenza si basa sull'analisi del lavoro sviluppato dall'Ing. Galassi: "Modello di sicurezza e controllo di accesso in una infrastruttura di coordinazione: architettura e implementazione". Usando questa come base teorica di partenza, si sono estrapolati i concetti chiave e si è data vita ad un'implementazione funzionante e di semplice utilizzo di RBAC in TuCSoN.
Resumo:
Dall'analisi dei big data si possono trarre degli enormi benefici in svariati ambiti applicativi. Uno dei fattori principali che contribuisce alla ricchezza dei big data, consiste nell'uso non previsto a priori di dati immagazzinati in precedenza, anche in congiunzione con altri dataset eterogenei: questo permette di trovare correlazioni significative e inaspettate tra i dati. Proprio per questo, il Valore, che il dato potenzialmente porta con sè, stimola le organizzazioni a raccogliere e immagazzinare sempre più dati e a ricercare approcci innovativi e originali per effettuare analisi su di essi. L’uso fortemente innovativo che viene fatto dei big data in questo senso e i requisiti tecnologici richiesti per gestirli hanno aperto importanti problematiche in materia di sicurezza e privacy, tali da rendere inadeguati o difficilmente gestibili, gli strumenti di sicurezza utilizzati finora nei sistemi tradizionali. Con questo lavoro di tesi si intende analizzare molteplici aspetti della sicurezza in ambito big data e offrire un possibile approccio alla sicurezza dei dati. In primo luogo, la tesi si occupa di comprendere quali sono le principali minacce introdotte dai big data in ambito di privacy, valutando la fattibilità delle contromisure presenti all’attuale stato dell’arte. Tra queste anche il controllo dell’accesso ha riscontrato notevoli sfide causate dalle necessità richieste dai big data: questo elaborato analizza pregi e difetti del controllo dell’accesso basato su attributi (ABAC), un modello attualmente oggetto di discussione nel dibattito inerente sicurezza e privacy nei big data. Per rendere attuabile ABAC in un contesto big data, risulta necessario l’ausilio di un supporto per assegnare gli attributi di visibilità alle informazioni da proteggere. L’obiettivo di questa tesi consiste nel valutare fattibilità, caratteristiche significative e limiti del machine learning come possibile approccio di utilizzo.
Resumo:
In this paper, we investigated whether bcl-xL can be involved in the modulation of the angiogenic phenotype of human tumor cells. Using the ADF human glioblastoma and the M14 melanoma lines, and their derivative bcl-xL-overexpressing clones, we showed that the conditioned medium of bcl-xL transfectants increased in vitro endothelial cell functions, such as proliferation and morphogenesis, and in vivo vessel formation in Matrigel plugs, compared with the conditioned medium of control cells. Moreover, the overexpression of bcl-xL induced an increased expression of the proangiogenic interleukin-8 (CXCL8), both at the protein and mRNA levels, and an enhanced CXCL8 promoter activity. The role of CXCL8 on bcl-xL-induced angiogenesis was validated using CXCL8-neutralizing antibodies, whereas down-regulation of bcl-xL through antisense oligonucleotide or RNA interference strategies confirmed the involvement of bcl-xL on CXCL8 expression. Transient overexpression of bcl-xL led to extend this observation to other tumor cell lines with different origin, such as colon and prostate carcinoma. In conclusion, our results showed that CXCL8 modulation by bcl-xL regulates tumor angiogenesis, and they point to elucidate an additional function of bcl-xL protein.
Resumo:
With today's prevalence of Internet-connected systems storing sensitive data and the omnipresent threat of technically skilled malicious users, computer security remains a critically important field. Because of today's multitude of vulnerable systems and security threats, it is vital that computer science students be taught techniques for programming secure systems, especially since many of them will work on systems with sensitive data after graduation. Teaching computer science students proper design, implementation, and maintenance of secure systems is a challenging task that calls for the use of novel pedagogical tools. This report describes the implementation of a compiler that converts mandatory access control specification Domain-Type Enforcement Language to the Java Security Manager, primarily for pedagogical purposes. The implementation of the Java Security Manager was explored in depth, and various techniques to work around its inherent limitations were explored and partially implemented, although some of these workarounds do not appear in the current version of the compiler because they would have compromised cross-platform compatibility. The current version of the compiler and implementation details of the Java Security Manager are discussed in depth.
Resumo:
File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an object, but also about “how” a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected. The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection. We propose a new security model: file system firewall. It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn then traditional UNIX access control scheme and SELinux.
Resumo:
In this paper we follow a theory-based approach to study the assimilation of compliance software in highly regulated multinational enterprises. These relatively new software products support the automation of controls which are associated with mandatory compliance requirements. We use institutional and success factor theories to explain the assimilation of compliance software. A framework for analyzing the assimilation of Access Control Systems (ACS), a special type of compliance software, is developed and used to reflect the experiences obtained in four in-depth case studies. One result is that coercive, mimetic, and normative pressures significantly effect ACS assimilation. On the other hand, quality aspects have only a moderate impact at the beginning of the assimilation process, in later phases the impact may increase if performance and improvement objectives become more relevant. In addition, it turns out that position of the enterprises and compatibility heavily influence the assimilation process.
Resumo:
Introduction: Video‐Supported Learning is particularly effective when it comes to skills and behaviors. Video registration of patient‐physician interviews, class room instruction or practical skills allow it to learners themselves, their peers, and their tutors to assess the quality of the learner's performance, to give specific feedback, and to make suggestions for improvement. Methods: In Switzerland, four pedagogical universities and two medical faculties joined to initiate the development of a national infrastructure for Video Supported Learning. The goal was to have a system that is simple to use, has most steps automated, provides the videos over the Internet, and has a sophisticated access control. Together with SWITCH, the national IT‐Support‐Organisation for Swiss Universities, the program iVT (Individual Video Training) was developed by integrating two preexisting technologies. The first technology is SWITCHcast, a podcast system. With SWITCHcast, videos are automatically uploaded to a server as soon as the registration is over. There the videos are processed and converted to different formats. The second technology is the national Single Logon System AAI (Authentification and Authorization Infrastructure) that enables iVT to link each video with the corresponding learner. The learner starts the registration with his Single Logon. Thus, the video can unambiguously be assigned. Via his institution's Learning Management System (LMS), the learner can access his video and give access to his video to peers and tutors. Results: iVT is now used at all involved institutions. The system works flawlessly. In Bern, we use iVT for the communications skills training in the forth and sixth year. Since students meet with patient actors alone, iVT is also used to certify attendance. Students are encouraged to watch the videos of the interview and the feedback of the patient actor. The offer to discuss a video with a tutor was not used by the students. Discussion: We plan to expand the use of iVT by making peer assessment compulsory. To support this, annotation capabilities are currently added to iVT. We also want to use iVT in training of practical skills, again for self as well as for peer assessment. At present, we use iVT for quality control of patient actor's performance.
Resumo:
BACKGROUND Cell-free foetal haemoglobin (HbF) has been shown to play a role in the pathology of preeclampsia (PE). In the present study, we aimed to further characterize the harmful effects of extracellular free haemoglobin (Hb) on the placenta. In particular, we investigated whether cell-free Hb affects the release of placental syncytiotrophoblast vesicles (STBMs) and their micro-RNA content. METHODS The dual ex-vivo perfusion system was used to perfuse isolated cotyledons from human placenta, with medium alone (control) or supplemented with cell-free Hb. Perfusion medium from the maternal side of the placenta was collected at the end of all perfusion phases. The STBMs were isolated using ultra-centrifugation, at 10,000×g and 150,000×g (referred to as 10K and 150K STBMs). The STBMs were characterized using the nanoparticle tracking analysis, identification of surface markers and transmission electron microscopy. RNA was extracted and nine different micro-RNAs, related to hypoxia, PE and Hb synthesis, were selected for analysis by quantitative PCR. RESULTS All micro-RNAs investigated were present in the STBMs. Mir-517a, mir-141 and mir-517b were down regulated after Hb perfusion in the 10K STBMs. Furthermore, Hb was shown to be carried by the STBMs. CONCLUSION This study showed that Hb perfusion can alter the micro-RNA content of released STBMs. Of particular interest is the alteration of two placenta specific micro-RNAs; mir-517a and mir-517b. We have also seen that STBMs may function as carriers of Hb into the maternal circulation.
Resumo:
Location prediction has attracted a significant amount of research effort. Being able to predict users’ movement benefits a wide range of communication systems, including location-based service/applications, mobile access control, mobile QoS provision, and resource management for mobile computation and storage management. In this demo, we present MOBaaS, which is a cloudified Mobility and Bandwidth prediction services that can be instantiated, deployed, and disposed on-demand. Mobility prediction of MOBaaS provides location predictions of a single/group user equipments (UEs) in a future moment. This information can be used for self-adaptation procedures and optimal network function configuration during run-time operations. We demonstrate an example of real-time mobility prediction service deployment running on OpenStack platform, and the potential benefits it bring to other invoking services.
Resumo:
Introduction: Discectomy and spinal fusion is the gold standard for spinal surgery to relieve pain. However, fusion can be hindered for yet unknown reasons that lead to non-fusions with pseudo-arthrose. It is hence appealing to develop biomaterials that can enhance bone formation. Clinical observations indicate that presence of residual intervertebral disc (IVD) tissue might hinder the ossification. We hypothesize that BMP-antagonists are constantly secreted by IVD cells and potentially prevent the ossification process. Furthermore, L51P, the engineered BMP2 variant, stimulates osteoinduction of bone marrow-derived mesenchymal stem cells (MSC) by antagonizing BMP-inhibitors. Methods: Human MSCs, primary nucleus pulposus (NPC) and annulus pulposus cells (AFC) were isolated and expanded in monolayer cultures up to passage 3. IVD cells were seeded in 1.2% alginate beads (4Mio/mL) and separated by culture inserts from MSCs in a co-culture set-up. MSCs were kept in 1:control medium, 2:osteogenic medium+alginate control, 3:osteogenic medium+NPC (±L51P) and 4:osteogenic medium+AFC (±L51P) for 21 days. Relative gene expression of bone-related genes, Alkaline Phosphatase (ALP) assay and histological staining were performed. Results: Osteogenesis of MSCs was hindered as shown by reduced alizarin red staining in the presence of NPC. No such inhibition was observed if co-cultured with alginate only or in the presence of AFC. The results were confirmed on the RNA and protein level. Addition of L51P to the co-cultures induced mineralization of MSCs, however a reduced ALP was observed. Conclusion: We demonstrated that NPC secrete BMP-antagonists that prevent osteogenesis of MSCs and L51P can antagonize BMP-antagonists and induce bone formation.
Resumo:
En el presente trabajo se busca introducir el debate alrededor de los conceptos de espacio, territorio, territorialidad, lugar y sus posibles incumbencias para el análisis de sujetos políticos, centrado en un caso de movimiento de desocupados en Argentina: la CTD Aníbal Verón. En primer lugar, se aborda la discusión acerca de si el espacio puede ser pensado como dimensión constitutiva de lo político o si basta pensarlo como manifestación del conflicto, demarcación de un límite y control del acceso, entendiendo el espacio construido en tanto territorio. En segundo lugar, se desarrolla el análisis de la relación de los sujetos con el espacio, su apropiación y dotación de sentido, involucrando relaciones identitarias que a menudo son analizadas a través de la categoría de lugar. Se prestará atención a dos de las diversas prácticas que construyen lugares (en términos de identidad) en los territorios construidos/ apropiados por la organización: el barrio y el piquete
Resumo:
En el presente trabajo se busca introducir el debate alrededor de los conceptos de espacio, territorio, territorialidad, lugar y sus posibles incumbencias para el análisis de sujetos políticos, centrado en un caso de movimiento de desocupados en Argentina: la CTD Aníbal Verón. En primer lugar, se aborda la discusión acerca de si el espacio puede ser pensado como dimensión constitutiva de lo político o si basta pensarlo como manifestación del conflicto, demarcación de un límite y control del acceso, entendiendo el espacio construido en tanto territorio. En segundo lugar, se desarrolla el análisis de la relación de los sujetos con el espacio, su apropiación y dotación de sentido, involucrando relaciones identitarias que a menudo son analizadas a través de la categoría de lugar. Se prestará atención a dos de las diversas prácticas que construyen lugares (en términos de identidad) en los territorios construidos/ apropiados por la organización: el barrio y el piquete
